Access Control Policy Analysis Using Free Variable Tableaux

نویسندگان

  • Hiroaki Kamoda
  • Masaki Yamaoka
  • Shigeyuki Matsuda
  • Krysia Broda
  • Morris Sloman
چکیده

The specification of access control policies for large, multi-organization applications is difficult and error-prone. Sophisticated policies are needed for fine-grained control of access to large numbers of entities, resulting in many policies specified by different security administrators. Techniques such as role based access control (RBAC) have been proposed to group policies and provide a framework for inheriting policies based on role hierarchies. RBAC does not prevent inconsistencies and conflicts arising in the policy specifications, though, which can lead to information leaks or prevent required access. This paper proposes an approach using free variable tableaux to detect conflicts and redundant policies resulting from the combination of various types of authorization and constraint policies. This approach uses static analysis to enable complete detection of modality and static constraint policy conflicts.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Policy Conflict Analysis Using Free Variable Tableaux for Access Control in Web Services Environments

Web Services technologies are now an active research area. By integrating individual existing web systems the technology enables the provision of advanced and sophisticated services, such as allowing users to use different types of resources and services simultaneously in a simple procedure. However the management and maintenance of a large number of Web Services is not easy and, in particular,...

متن کامل

Reasoning About Security: A Logic and a Decision Method for Role-Based Access Control

Role-based access control (RBAC) is one of the most promising techniques for the design and implementation of security policies and its diiusion may be enhanced by the development of formal and automated method of analysis. This paper presents a logic for practical reasoning about role based access control which simpliies and adapts to RBAC the calculus developed at Digital SRC. Beside a langua...

متن کامل

Simplification Rules for Constrained Formula Tableaux

Several variants of a first-order simplification rule for nonnormal form tableaux using syntactic constraints are presented. These can be used as a framework for porting methods like unit resolution or hyper tableaux to non-normal form free variable tableaux.

متن کامل

Using E - Unification to Handle Equality in Universal Formula Semantic Tableaux — Extended

In this paper we describe how a combination of the classical “universal” E-unification and “rigid”E-unification, called “mixed” E-unification, can be used to efficiently handle equality in universal formula semantic tableaux, that are an extension of free variable tableaux.

متن کامل

Using Mixed Universal and Rigid E-Unification to Handle Equality in Universal Formula Semantic Tableaux

In this paper we describe how a combination of the classical “universal” E-unification and “rigid” Eunification, called “mixed” E-unification, can be used to efficiently handle equality in universal formula semantic tableaux, that are an extension of free variable tableaux.

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2006